Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/1b6b21-5eb2-4bf8-b55d-9f171597ae78/1/SoWSA9KngUJPPJC6PAcmUW3hlm8.roa
File: SoWSA9KngUJPPJC6PAcmUW3hlm8.roa (raw, json)
Hash identifier: /mVHXZ4sigQBfV5RMDKj9PedwBzGCLo/t1w5MYMWIYg=
Subject key identifier: 4A:85:92:03:D2:A7:81:42:4F:3C:90:BA:3C:07:26:51:6D:E1:96:6F
Certificate issuer: /CN=14a63359e84e00c0f9e2a203ead2781a26d904e6
Certificate serial: 0186084934C49A12C9AF455A20BEE84D7AA0
Authority key identifier: 14:A6:33:59:E8:4E:00:C0:F9:E2:A2:03:EA:D2:78:1A:26:D9:04:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FKYzWehOAMD54qID6tJ4GibZBOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/1b6b21-5eb2-4bf8-b55d-9f171597ae78/1/SoWSA9KngUJPPJC6PAcmUW3hlm8.roa
Signing time: Tue 31 Jan 2023 14:44:20 +0000
ROA not before: Tue 31 Jan 2023 14:44:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200203
IP address blocks: 2a13:d800:2000::/36 maxlen: 36
2a13:d800:1000::/36 maxlen: 36
2a13:d800::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 28 Sep 2023 20:24:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:08:49:34:c4:9a:12:c9:af:45:5a:20:be:e8:4d:7a:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14a63359e84e00c0f9e2a203ead2781a26d904e6
Validity
Not Before: Jan 31 14:44:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a859203d2a781424f3c90ba3c0726516de1966f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:0c:ca:34:68:cf:d5:44:2c:08:63:e7:07:d9:
40:c7:03:72:bb:7d:ca:cf:34:58:ce:d8:4f:98:08:
fa:1e:2a:d5:a8:6e:91:64:60:c2:5d:ff:4d:a7:08:
d1:18:52:d3:69:61:fa:37:d9:91:b6:c8:0f:ff:43:
5c:c4:69:40:af:50:95:59:9c:43:66:6b:73:a5:9c:
75:7c:3c:e3:e2:de:3b:7c:ca:0c:f0:6d:d0:00:8b:
e2:fe:c1:d6:fc:28:ef:4b:49:d7:4c:0b:6f:cb:35:
dd:98:b1:a9:1e:a2:7b:2f:7a:9a:a2:ab:1b:b4:fb:
f2:87:be:df:43:8d:36:2f:fa:b8:1b:71:16:e6:e5:
9c:3d:16:26:37:3a:74:bb:4a:8a:c0:40:f3:63:32:
b8:f2:b6:cf:ca:dd:72:87:7a:df:40:52:d9:51:8d:
c5:65:39:6d:13:d0:1b:ad:58:25:8d:37:ac:f8:75:
73:8a:f3:9b:72:ef:07:8c:46:d8:c6:71:cf:49:61:
c0:3d:67:ae:7c:72:51:93:5f:cb:6f:ee:22:ab:0a:
af:f2:37:ae:eb:cd:ae:e1:de:60:32:d8:58:15:1a:
e2:94:13:af:72:ae:40:54:ce:22:52:91:f2:af:ae:
13:09:bf:80:8b:03:ad:9a:08:cf:f3:9e:51:ac:8e:
ff:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:85:92:03:D2:A7:81:42:4F:3C:90:BA:3C:07:26:51:6D:E1:96:6F
X509v3 Authority Key Identifier:
keyid:14:A6:33:59:E8:4E:00:C0:F9:E2:A2:03:EA:D2:78:1A:26:D9:04:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FKYzWehOAMD54qID6tJ4GibZBOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/1b6b21-5eb2-4bf8-b55d-9f171597ae78/1/SoWSA9KngUJPPJC6PAcmUW3hlm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/1b6b21-5eb2-4bf8-b55d-9f171597ae78/1/FKYzWehOAMD54qID6tJ4GibZBOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:d800::/32
Signature Algorithm: sha256WithRSAEncryption
93:58:2c:2b:b3:b1:d2:68:6b:67:31:aa:47:82:35:40:be:fe:
aa:b0:9a:d9:f1:6c:c0:68:09:05:b8:57:86:ee:38:31:a2:b3:
b6:a3:3f:b5:de:6b:4a:0d:6b:57:ce:4f:a8:88:d5:5d:7b:2a:
07:ef:cb:ff:a4:81:61:1f:ec:53:12:2d:87:82:9d:6b:60:da:
2e:4a:61:3a:27:94:4f:ab:6f:29:a7:c9:b4:e4:92:20:23:05:
f9:a3:b6:2e:e9:e4:c2:e9:8e:85:71:d1:89:76:69:0c:04:d9:
98:de:c8:52:ba:a7:5c:9b:23:42:ad:ad:a8:3f:43:45:58:6c:
ab:98:f8:af:1f:d6:dd:69:26:67:14:41:42:83:f7:3c:61:61:
00:3c:56:c3:df:fd:39:ed:13:66:60:c0:b8:81:f4:4b:df:20:
72:96:b9:c3:ad:c0:1b:c8:e8:f5:27:d3:2b:ca:3a:e2:b8:d8:
d8:b2:42:19:48:df:30:d5:4a:ff:00:f1:05:3e:28:84:2e:8a:
a5:a9:f7:19:b3:ce:77:3a:46:b4:40:0d:0f:3b:c5:16:83:f7:
61:54:a9:b8:fe:46:f2:8f:5b:78:03:2d:a5:39:b0:8e:fa:04:
f6:f7:12:7c:86:07:22:51:56:6c:af:49:00:1b:ea:43:75:0e:
eb:ca:c2:06
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYYISTTEmhLJr0VaIL7oTXqgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YTYzMzU5ZTg0ZTAwYzBmOWUyYTIwM2VhZDI3ODFhMjZk
OTA0ZTYwHhcNMjMwMTMxMTQ0NDIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTg1OTIwM2QyYTc4MTQyNGYzYzkwYmEzYzA3MjY1MTZkZTE5NjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wzKNGjP1UQsCGPnB9lAxwNyu33K
zzRYzthPmAj6HirVqG6RZGDCXf9NpwjRGFLTaWH6N9mRtsgP/0NcxGlAr1CVWZxD
ZmtzpZx1fDzj4t47fMoM8G3QAIvi/sHW/CjvS0nXTAtvyzXdmLGpHqJ7L3qaoqsb
tPvyh77fQ402L/q4G3EW5uWcPRYmNzp0u0qKwEDzYzK48rbPyt1yh3rfQFLZUY3F
ZTltE9AbrVgljTes+HVzivObcu8HjEbYxnHPSWHAPWeufHJRk1/Lb+4iqwqv8jeu
682u4d5gMthYFRrilBOvcq5AVM4iUpHyr64TCb+AiwOtmgjP855RrI7/jwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEqFkgPSp4FCTzyQujwHJlFt4ZZvMB8GA1UdIwQY
MBaAFBSmM1noTgDA+eKiA+rSeBom2QTmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRktZeldlaE9BTUQ1NHFJRDZ0SjRHaWJaQk9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xYjZiMjEtNWViMi00YmY4LWI1NWQt
OWYxNzE1OTdhZTc4LzEvU29XU0E5S25nVUpQUEpDNlBBY21VVzNobG04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xYjZiMjEtNWViMi00YmY4LWI1NWQtOWYxNzE1OTdhZTc4
LzEvRktZeldlaE9BTUQ1NHFJRDZ0SjRHaWJaQk9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhPYADAN
BgkqhkiG9w0BAQsFAAOCAQEAk1gsK7Ox0mhrZzGqR4I1QL7+qrCa2fFswGgJBbhX
hu44MaKztqM/td5rSg1rV85PqIjVXXsqB+/L/6SBYR/sUxIth4Kda2DaLkphOieU
T6tvKafJtOSSICMF+aO2LunkwumOhXHRiXZpDATZmN7IUrqnXJsjQq2tqD9DRVhs
q5j4rx/W3WkmZxRBQoP3PGFhADxWw9/9Oe0TZmDAuIH0S98gcpa5w63AG8jo9SfT
K8o64rjY2LJCGUjfMNVK/wDxBT4ohC6Kpan3GbPOdzpGtEANDzvFFoP3YVSpuP5G
8o9beAMtpTmwjvoE9vcSfIYHIlFWbK9JABvqQ3UO68rCBg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:35 2024 by rpki-client on console-ams.rpki-client.org